From adee1dd91882b8a13345479c7fe216bac6908451 Mon Sep 17 00:00:00 2001
From: Sander Eikelenboom <linux@eikelenboom.it>
Date: Wed, 10 Nov 2010 14:37:19 +0000
Subject: [PATCH] tools/hotplug/Linux: supply --physdev-is-bridged in iptables
 runes

With newer (pvops) kernels logs get flooded with this iptables
warning: physdev match: using --physdev-out in the OUTPUT, FORWARD and
POSTROUTING chains for non-bridged traffic is not supported anymore

Using the --physdev-is-bridged option prevents this.
See also: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571634#10

Signed-off-by: Sander Eikelenboom <linux@eikelenboom.it>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
---
 tools/hotplug/Linux/vif-common.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tools/hotplug/Linux/vif-common.sh b/tools/hotplug/Linux/vif-common.sh
index 780cc718ab..05ee712fd9 100644
--- a/tools/hotplug/Linux/vif-common.sh
+++ b/tools/hotplug/Linux/vif-common.sh
@@ -105,10 +105,10 @@ frob_iptable()
     local c="-D"
   fi
 
-  iptables "$c" FORWARD -m physdev --physdev-in "$vif" "$@" -j ACCEPT \
+  iptables "$c" FORWARD -m physdev --physdev-is-bridged --physdev-in "$vif" "$@" -j ACCEPT \
     2>/dev/null &&
   iptables "$c" FORWARD -m state --state RELATED,ESTABLISHED -m physdev \
-    --physdev-out "$vif" -j ACCEPT 2>/dev/null
+    --physdev-is-bridged --physdev-out "$vif" -j ACCEPT 2>/dev/null
 
   if [ "$command" == "online" -a $? -ne 0 ]
   then
-- 
2.30.2